Introduction to Computer Administration

Computer administration in EmpowerID enables IT teams to manage the complete lifecycle of computers in your network, from onboarding new machines through access configuration and maintenance operations. This section provides guidance for system administrators managing computer resources within the EmpowerID platform.

What Computer Administration Covers

Computer administration in EmpowerID includes:

• Access Management – Configuring permissions, ownership, and access policies for computers
• Onboarding – Adding new computers to EmpowerID and assigning them to organizational locations
• Lifecycle Operations – Moving, enabling, disabling, deleting, and restoring computer objects
• Security Operations – Managing password resets and authentication settings

Access Management Topics

Required Permissions

Understanding the permissions needed to manage computers in EmpowerID is the foundation for all computer administration tasks. The Access Needed to Manage Computers article details the specific roles and access levels required.

Access Configuration

• Grant Access to Manage Specific Computers – Assign management rights for individual computers or groups of computers
• IAM Shop Permission Levels – Configure what actions users can perform on computers through the IAM Shop
• Just-In-Time Access – Set up temporary elevated permissions that expire automatically
• Eligibility Configuration – Define criteria that determine which users can request access to specific computers

Computer Onboarding and Organization

Onboarding Computers

The onboarding process integrates new computers into EmpowerID, including options for:

• Configuring access request settings
• Vaulting credentials securely
• Publishing computers to the IAM Shop for user access requests

Assigning Locations

Computers in EmpowerID belong to locations, which are organizational containers used for managing access. Assigning computers to appropriate locations facilitates access management and organizational reporting.

Computer Lifecycle Operations

EmpowerID supports standard computer lifecycle operations:

• Moving Computers – Relocate computers between organizational units
• Password Resets – Reset computer account passwords to maintain security
• Enabling and Disabling – Control computer availability without deletion
• Deletion – Remove computers from active management
• Restoration – Recover previously deleted computers

Related Topics

For privileged access scenarios involving computers:

• Privileged Access Management
• Privileged Session Management

Getting Started

Before managing computers in EmpowerID, verify that your user account has the necessary permissions outlined in the Access Management section. The articles in this section build sequentially, with access management forming the foundation for subsequent configuration and operational tasks.